E-commerce to finally get more protection

The Jakarta Post, Jakarta

The government is to allow more digital certification authorities to operate in Indonesia to protect Internet users from the growing threat of cybercrime, a senior official at the Information Ministry says.

Hafni Septiana, the head of the e-commerce section at the ministry, said Thursday that firms interested in acting as certification authorities (CAs) should apply for operating licenses from the certification authorities regulatory agency (BPCA), which would be established sometime next year.

She said that the setting up of the agency, which would be a 15-member panel comprising government officials, academics and IT experts, was now underway.

"We have completed the drafting of the technical regulations needed for the BPCA's operation," Hafni told The Jakarta Post.

The establishment of the agency was essential to ensuring that firms providing certification services not only met the set standards, but were also characterized by high levels of integrity.

She said that a number of companies were providing certification services at present, but only for internal purposes.

According to Hafni, the CAs would have the task of issuing digital certification and digital signatures to protect both website owners and users from Internet fraud.

Teddy Sukardi, chairman of the Information Technology and Internet Federation, said that the CAs would help users to differentiate between websites and e-transactions that were genuine and those that were bogus.

"A certification authority can help with tracing if a suspicious transaction occurs," Teddy said.

He said that to become a CA, an applicant would need to acquire a certificate from the Certification Authority Certification Board (LSCA) before applying for a license to the BPCA.

"A CA's operating permit will be valid for three years and can be renewed for another three. If a CA decides to close up shop, it should transfer its users to another CA," Teddy explained.

He said that the CAs, the BPCA and the LSCA were needed in Indonesia to safeguard electronic transactions, especially in the absence of a cyber law.

The government submitted a draft cyber law to the House of Representatives two years ago for approval. But, to date, the deliberation of the bill has not been completed.

"The regulations on the BPCA, the LSCA and the CAs will be in line with the cyber bill. So we can protect consumers while waiting for the House to endorse the bill," Hafni said. (tif)